<?php

require("dbFunctions.php");

/** 
 * Given a Supplier email, update [optionally] their first name,
 * last name, administrative access, and password (if they're an
 * admin after the update.
 * 
 * Author: Steve Gennaoui
 * Date: 11/21/2012
 */

$supplier_email = $_REQUEST['email'];
$first_name = $_REQUEST['fname'];
$last_name = $_REQUEST['lname'];
$isAdmin = $_REQUEST['isAdmin'];
$password = $_REQUEST['password'];

if( is_null($supplier_email) )
	die("No email provided.");
if( is_null($first_name) )
	die("No first name provided.");
if( is_null($last_name) )
	die("No last name provided.");
if( is_null($isAdmin) )
	die("No administrative status provided.");
if( is_null($password) && $isAdmin ==1 )
	die("No password specified and account specified as administrative.");

$pw_hash = hash("sha256",$password);
if( $isAdmin == 0 )
	$pw_hash = null;

$supplier_id = getIDByEmail($supplier_email,"Suppliers");
if( $supplier_id < 0 )
	die("Invalid supplier email provided.");

$dbh = connectDB();

$query = "UPDATE Suppliers SET first_name=:fn,last_name=:ln,is_active=1,is_admin=:admin,admin_password=:pw WHERE sup_id=:id";
$stmt = $dbh->prepare($query);
$stmt->bindParam(':fn',$first_name);
$stmt->bindParam(':ln',$last_name);
$stmt->bindParam(':admin',$isAdmin);
$stmt->bindParam(':pw',$pw_hash);
$stmt->bindParam(':id',$supplier_id);
$stmt->execute();

?>
